From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH] daemon: support listening on Unix domain sockets
Date: Thu, 3 Mar 2016 10:33:02 +0000 [thread overview]
Message-ID: <20160303103302.29161-1-e@80x24.org> (raw)
Listening on Unix domain sockets can be convenient for running
behind reverse proxies, avoiding port conflicts, limiting access,
or avoiding the overhead (if any) of TCP over loopback.
---
lib/PublicInbox/Daemon.pm | 43 +++++++++++++++++++++++++++----------------
t/httpd-corner.t | 25 +++++++++++++++++++++++--
2 files changed, 50 insertions(+), 18 deletions(-)
diff --git a/lib/PublicInbox/Daemon.pm b/lib/PublicInbox/Daemon.pm
index c101ecb..6caa1d3 100644
--- a/lib/PublicInbox/Daemon.pm
+++ b/lib/PublicInbox/Daemon.pm
@@ -7,6 +7,7 @@ use strict;
use warnings;
use Getopt::Long qw/:config gnu_getopt no_ignore_case auto_abbrev/;
use IO::Handle;
+use IO::Socket;
STDOUT->autoflush(1);
STDERR->autoflush(1);
require Danga::Socket;
@@ -52,13 +53,18 @@ sub daemon_prepare ($) {
foreach my $l (@cfg_listen) {
next if $listener_names{$l}; # already inherited
- require IO::Socket::INET6; # works for IPv4, too
- my %o = (
- LocalAddr => $l,
- ReuseAddr => 1,
- Proto => 'tcp',
- );
- if (my $s = IO::Socket::INET6->new(%o)) {
+ my (%o, $sock_pkg);
+ if (index($l, '/') == 0) {
+ $sock_pkg = 'IO::Socket::UNIX';
+ %o = (Type => SOCK_STREAM, Local => $l);
+ } else {
+ $sock_pkg = 'IO::Socket::INET6'; # works for IPv4, too
+ %o = (LocalAddr => $l, ReuseAddr => 1, Proto => 'tcp');
+ }
+ eval "use $sock_pkg";
+ die $@ if $@;
+ $o{Listen} = 1024;
+ if (my $s = $sock_pkg->new(%o)) {
$listener_names{sockname($s)} = $s;
push @listeners, $s;
} else {
@@ -165,15 +171,20 @@ sub sockname ($) {
sub host_with_port ($) {
my ($addr) = @_;
my ($port, $host);
- if (length($addr) >= 28) {
- require Socket6;
- ($port, $host) = Socket6::unpack_sockaddr_in6($addr);
- $host = '['.Socket6::inet_ntop(Socket6::AF_INET6(), $host).']';
- } else {
- ($port, $host) = Socket::sockaddr_in($addr);
- $host = Socket::inet_ntoa($host);
- }
- ($host, $port);
+
+ # this eval will die on Unix sockets:
+ eval {
+ if (length($addr) >= 28) {
+ require Socket6;
+ ($port, $host) = Socket6::unpack_sockaddr_in6($addr);
+ $host = Socket6::inet_ntop(Socket6::AF_INET6(), $host);
+ $host = "[$host]";
+ } else {
+ ($port, $host) = Socket::sockaddr_in($addr);
+ $host = Socket::inet_ntoa($host);
+ }
+ };
+ $@ ? ('127.0.0.1', 0) : ($host, $port);
}
sub inherit () {
diff --git a/t/httpd-corner.t b/t/httpd-corner.t
index 198a7e9..0338c8a 100644
--- a/t/httpd-corner.t
+++ b/t/httpd-corner.t
@@ -16,6 +16,7 @@ use Digest::SHA qw(sha1_hex);
use File::Temp qw/tempdir/;
use Cwd qw/getcwd/;
use IO::Socket;
+use IO::Socket::UNIX;
use Fcntl qw(FD_CLOEXEC F_SETFD F_GETFD :seek);
use Socket qw(SO_KEEPALIVE IPPROTO_TCP TCP_NODELAY);
use POSIX qw(dup2 mkfifo :sys_wait_h);
@@ -34,20 +35,30 @@ my %opts = (
Listen => 1024,
);
my $sock = IO::Socket::INET->new(%opts);
+my $upath = "$tmpdir/s";
+my $unix = IO::Socket::UNIX->new(
+ Listen => 1024,
+ Type => SOCK_STREAM,
+ Local => $upath
+);
+ok($unix, 'UNIX socket created');
my $pid;
END { kill 'TERM', $pid if defined $pid };
my $spawn_httpd = sub {
my (@args) = @_;
+ $! = 0;
my $fl = fcntl($sock, F_GETFD, 0);
ok(! $!, 'no error from fcntl(F_GETFD)');
is($fl, FD_CLOEXEC, 'cloexec set by default (Perl behavior)');
$pid = fork;
if ($pid == 0) {
# pretend to be systemd
- fcntl($sock, F_SETFD, $fl &= ~FD_CLOEXEC);
dup2(fileno($sock), 3) or die "dup2 failed: $!\n";
+ dup2(fileno($unix), 4) or die "dup2 failed: $!\n";
+ IO::Handle->new_from_fd(3, 'r')->fcntl(F_SETFD, 0);
+ IO::Handle->new_from_fd(4, 'r')->fcntl(F_SETFD, 0);
$ENV{LISTEN_PID} = $$;
- $ENV{LISTEN_FDS} = 1;
+ $ENV{LISTEN_FDS} = 2;
exec $httpd, @args, "--stdout=$out", "--stderr=$err", $psgi;
die "FAIL: $!\n";
}
@@ -63,6 +74,16 @@ my $spawn_httpd = sub {
$spawn_httpd->('-W0');
}
+# Unix domain sockets
+{
+ my $u = IO::Socket::UNIX->new(Type => SOCK_STREAM, Peer => $upath);
+ ok($u, 'unix socket connected');
+ $u->write("GET /host-port HTTP/1.0\r\n\r\n");
+ $u->read(my $buf, 4096);
+ like($buf, qr!\r\n\r\n127\.0\.0\.1:0\z!,
+ 'set REMOTE_ADDR for Unix socket');
+}
+
sub conn_for {
my ($sock, $msg) = @_;
my $conn = IO::Socket::INET->new(
--
EW
next reply other threads:[~2016-03-03 10:33 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-03 10:33 Eric Wong [this message]
2016-03-04 0:43 ` [PATCH v2] daemon: support listening on Unix domain sockets Eric Wong
2016-03-05 7:38 ` [PATCH] t/httpd-corner: avoid clobbering existing FDs after fork Eric Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://public-inbox.org/README
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160303103302.29161-1-e@80x24.org \
--to=e@80x24.org \
--cc=meta@public-inbox.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).